User Guide in OpenStack-Ansible has wrong IP address for haproxy_keepalived_internal_vip_cidr

Bug #1773793 reported by Niklas Hagman on 2018-05-28
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openstack-ansible
Low
Ilya Popov

Bug Description

https://docs.openstack.org/openstack-ansible/latest/user/prod/example.html
https://docs.openstack.org/openstack-ansible/queens/user/prod/example.html
https://docs.openstack.org/openstack-ansible/latest/user/l3pods/example.html
https://docs.openstack.org/openstack-ansible/queens/user/l3pods/example.html
https://docs.openstack.org/openstack-ansible/latest/user/ceph/full-deploy.html
https://docs.openstack.org/openstack-ansible/queens/user/ceph/full-deploy.html

These pages has documentation saying haproxy_keepalived_internal_vip_cidr should be "172.29.236.0/22". But the examples configures 172.29.236.9 to be the internal vip address.

Documentation should say haproxy_keepalived_internal_vip_cidr: "172.29.236.9/22".

this also needs to be fixed in source code examples
--- openstack-ansible/etc/openstack_deploy/user_variables.yml.prod-ceph.example
+++ openstack-ansible.changes/etc/openstack_deploy/user_variables.yml.prod-ceph.example
@@ -6 +6 @@
-haproxy_keepalived_internal_vip_cidr: "172.29.236.0/22"
+haproxy_keepalived_internal_vip_cidr: "172.29.236.9/22"

--- openstack-ansible/etc/openstack_deploy/user_variables.yml.prod.example
+++ openstack-ansible.changes/etc/openstack_deploy/user_variables.yml.prod.example
@@ -7 +7 @@
-haproxy_keepalived_internal_vip_cidr: "172.29.236.0/22"
+haproxy_keepalived_internal_vip_cidr: "172.29.236.9/22"

Changed in openstack-ansible:
status: New → Confirmed
importance: Undecided → Low
tags: added: low-hanging-fruit
Ilya Popov (ilya-p) on 2018-06-06
Changed in openstack-ansible:
assignee: nobody → Ilya Popov (ilya-p)

Fix proposed to branch: master
Review: https://review.openstack.org/572935

Changed in openstack-ansible:
status: Confirmed → In Progress
Niklas Hagman (blinkiz) wrote :

I do think both these should be /32 and not /22.
A IPv4 with /22 is already defined on this bridge/interface. Creating another way out into this subnet is not the purpose.

Ilya Popov (ilya-p) wrote :

Agree. Checked in code:

1. There is a comment in user_variables.yml:

# haproxy_keepalived_internal_vip_cidr: "{{internal_lb_vip_address}}/32"

2. There is a ip check procedure which asserts ip in healthcheck-hosts.yml - ip should be host ip, not network ip

    - name: Checking that vip address is well formed
      assert:
        that:
          - item | ipaddr('address')
        msg: "Misconfigured keepalived: The vip {{ item }} is not an IP address, but a network"
      with_items:
        - "{{ haproxy_keepalived_internal_vip_cidr }}"
        - "{{ haproxy_keepalived_external_vip_cidr }}"
      when:
        - groups['haproxy_all'] | length > 1

Ilya Popov (ilya-p) wrote :

Fixed in new patchset

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers